package seismosurfer.servlets.security;

import java.util.Iterator;
import java.util.List;
import java.util.Vector;

import javax.servlet.http.HttpServletRequest;

import seismosurfer.database.UserDAO;
import seismosurfer.domain.User;

/**
 * Contains various security related operations. 
 *
 */
public class SecurityUtil {

    public SecurityUtil() {

    }
    
    /**
     * Gets the maximum number of rows a user
     * in a role can retrieve.
     * 
     * @param request the HttpServletRequest used to determine the user
     *        role
     * @return the number of rows
     */
    public static int getMaxRows(HttpServletRequest request) {

        UserDAO ud = new UserDAO();

        int maxRows = -1;

        if (request.isUserInRole(User.GUEST)) {
            maxRows = ud.getMaxRows(User.GUEST);
            System.out.println("Guest Max Rows: " + maxRows);
        } else if (request.isUserInRole(User.SURFER)) {
            maxRows = ud.getMaxRows(User.SURFER);
            System.out.println("Surfer Max Rows: " + maxRows);
        } else if (request.isUserInRole(User.MINER)) {
            maxRows = ud.getMaxRows(User.MINER);
            System.out.println("Miner Max Rows: " + maxRows);
        } else if (request.isUserInRole(User.ADMIN)) {
            maxRows = ud.getMaxRows(User.ADMIN);
            System.out.println("admin Max Rows: " + maxRows);
        } else {
            System.out.println("User is not associated with a role!!!");
        }
        
        return maxRows;
    }
    
    /**
     * Gets a list of constraints for a user role
     * which is determined from the http request.
     * 
     * @param request the HttpServletRequest used to determine the user
     *        role
     * @return a list of constraints 
     */
    public static List getConstraints(HttpServletRequest request) {

        UserDAO ud = new UserDAO();

        List constraints = new Vector();

        if (request.isUserInRole(User.GUEST)) {
            System.out.println("User has entered as guest!!!");

            constraints = ud.getConstraints(User.GUEST);

            for (Iterator i = constraints.iterator(); i.hasNext();) {
                System.out.println("Guest Constraints: " + (String) i.next());
            }

        } else if (request.isUserInRole(User.SURFER)) {

            System.out.println("User has entered as surfer!!!");

            constraints = ud.getConstraints(User.SURFER);

            for (Iterator i = constraints.iterator(); i.hasNext();) {
                System.out.println("Surfer User Constraints: "
                        + (String) i.next());
            }

        } else if (request.isUserInRole(User.MINER)) {

            System.out.println("User has entered as miner!!!");

            constraints = ud.getConstraints(User.MINER);

            for (Iterator i = constraints.iterator(); i.hasNext();) {
                System.out.println("Miner Constraints: " + (String) i.next());
            }

        } else if (request.isUserInRole(User.ADMIN)) {

            System.out.println("User has entered as admin!!!");

            constraints = ud.getConstraints(User.ADMIN);

            for (Iterator i = constraints.iterator(); i.hasNext();) {
                System.out.println("admin Constraints: " + (String) i.next());
            }

        } else {
            System.out.println("User is not asssociated with a role!!!");
        }

        return constraints;

    }

}
